New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

SOA-C02 Leak Questions

Page: 12 / 17
Question 48

A company has a new requirement stating that all resources In AWS must be tagged according to a set policy.

Which AWS service should be used to enforce and continually Identify all resources that are not in compliance with the policy?

Options:

A.

AWS CloudTrail

B.

Amazon Inspector

C.

AWS Config

D.

AWS Systems Manager

Question 49

The company wants to improve the security and high availability of a two-tier web application that was rehosted to AWS, currently in a single Availability Zone.

Options (Select TWO):

Options:

A.

Place the web-tier instances in an Auto Scaling group. Configure the Auto Scaling group to support a Multi-AZ deployment into private subnets that are behind an internet-facing Application Load Balancer.

B.

Place the web-tier instances in an Auto Scaling group. Configure the Auto Scaling group in multiple AWS Regions. Deploy the EC2 instances into private subnets that are behind an internet-facing Application Load Balancer.

C.

Launch an additional EC2 instance to host SQL Server. Place the new database EC2 instance in a second AWS Region. Enable replication between the two database EC2 instances.

D.

Use AWS Database Migration Service (AWS DMS) to migrate the database EC2 instance to Amazon RDS for SQL Server with Multi-AZ Database Mirroring (DBM).

E.

Use AWS Database Migration Service (AWS DMS) to migrate the database EC2 instance to Amazon DynamoDB.

Question 50

The company wants to ensure that SSH access to EC2 instances is not publicly accessible, and if it becomes open, it needs to close the port immediately.

Options (Select TWO):

Options:

A.

Add an Amazon CloudWatch alarm to detect the security groups that allow SSH.

B.

Add an AWS Config rule to detect the security groups that allow SSH.

C.

Add an assessment template to Amazon Inspector to detect the security groups that allow SSH.

D.

Call an AWS Systems Manager Automation runbook to close the port.

E.

Call AWS Systems Manager Run Command to close the port.

Question 51

A company migrated an I/O intensive application to an Amazon EC2 general purpose instance. The EC2 instance has a single General Purpose SSD Amazon Elastic Block Store (Amazon EBS) volume attached.

Application users report that certain actions that require intensive reading and writing to the disk are taking much longer than normal or are failing completely. After reviewing the performance metrics of the EBS volume, a SysOps administrator notices that the VolumeQueueLength metric is consistently high during the same times in which the users are reporting issues. The SysOps administrator needs to resolve this problem to restore full performance to the application.

Which action will meet these requirements?

Options:

A.

Modify the instance type to be storage optimized.

B.

Modify the volume properties by deselecting Auto-Enable Volume 10.

C.

Modify the volume properties to increase the IOPS.

D.

Modify the instance to enable enhanced networking.

Page: 12 / 17
Exam Code: SOA-C02
Exam Name: AWS Certified SysOps Administrator - Associate (SOA-C02)
Last Update: Dec 22, 2024
Questions: 460
SOA-C02 pdf

SOA-C02 PDF

$25.5  $84.99
SOA-C02 Engine

SOA-C02 Testing Engine

$28.5  $94.99
SOA-C02 PDF + Engine

SOA-C02 PDF + Testing Engine

$40.5  $134.99